Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Upgrade from SuSEfirewall2 1.6 to 2.1
  • From: "Florian Pressler" <florianp@xxxxxxxxxxx>
  • Date: Thu, 27 Dec 2001 22:02:28 +0100
  • Message-id: <F63ifntK1HBpTlErLqG00010492@xxxxxxxxxxx>
Hi,

I'm having a small problem upgrading my SuSEfirewall2 from V1.6 to V2.1.

As we know, it is not possible to connect to the external IP of the Firewall from the inside (in my case masqueraded) network.

Thanks to this mailing-list, I found out you had to add following line to your custom-rule-file:

fw_custom_before_antispoofing() {
iptables -A INPUT -i eth0 -s 172.20.30.40/29 -d 212.186.214.227 -j ACCEPT

true
}

In V1.6, this worked perfectly. In V2.1, it does not. The log says:

Dec 27 22:00:23 chello212186214227 kernel: SuSE-FW-NO_ACCESS_INT->FWEXT IN=eth0 OUT= MAC=00:02:44:0d:30:ac:00:02:44:0d:30:ab:0
8:00 SRC=172.20.30.42 DST=212.186.214.227 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=49600 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=4100

I would be glad if you could help me out...
regards,
Florian Pressler


_________________________________________________________________
Werden Sie Mitglied bei MSN Hotmail, dem größten E-Mail-Service der Welt. http://www.hotmail.com/de


< Previous Next >
This Thread
  • No further messages